Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f1f34170-6148-462d-b1cc-53dafdb7dca0.roa
File: f1f34170-6148-462d-b1cc-53dafdb7dca0.roa (raw, json)
Hash identifier: Ll6/ieEfZnTf4omoXjpM6Y/HYblOk4RUxi8UdIRX4oI=
Subject key identifier: F1:4E:BA:E9:92:45:F8:A7:AB:95:58:64:85:2E:81:4B:06:0B:16:70
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 56AB4A01837E6901CF254B1D05DF55A8B16C069F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f1f34170-6148-462d-b1cc-53dafdb7dca0.roa
Signing time: Wed 15 Jan 2025 00:00:00 +0000
ROA not before: Wed 15 Jan 2025 00:00:00 +0000
ROA not after: Wed 19 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 199.205.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:ab:4a:01:83:7e:69:01:cf:25:4b:1d:05:df:55:a8:b1:6c:06:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 15 00:00:00 2025 GMT
Not After : Feb 19 23:59:59 2025 GMT
Subject: serialNumber=646b926e0fb57cbace2ea21691965d04ac5482e3fd0a0678d983eaad2c7a49f5, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:1a:97:dc:bc:7f:48:c0:b6:85:e5:7c:f2:28:
c7:ca:39:7a:65:9d:de:51:d7:4e:1a:4f:8f:02:69:
41:5e:c5:84:01:43:b4:60:cf:4c:ef:12:a2:00:75:
c2:44:b7:51:53:01:2f:f9:3b:a6:c4:85:ce:09:08:
0c:70:c5:e8:ca:6e:d5:39:77:aa:a5:98:fa:59:a8:
2f:7c:18:d2:b3:cb:d3:ec:32:4e:a8:8c:bf:ca:86:
97:32:d0:19:10:06:9a:9b:2d:55:84:57:b8:ed:7f:
cc:d4:87:63:13:f8:c8:56:f5:79:0c:90:91:6f:90:
43:c6:ba:bd:6c:a5:32:a3:7f:d4:97:fc:da:52:c1:
ef:b3:31:7b:20:78:62:b8:13:a2:69:53:bd:e8:e2:
f4:01:9c:ae:33:89:62:c1:66:81:b3:4c:7f:14:39:
02:ad:d2:98:ca:e2:b6:ef:52:b4:ad:85:0c:9d:d9:
ae:f4:7f:c4:f0:44:7b:67:13:c5:8e:6a:35:04:15:
0c:69:66:89:1a:50:20:23:60:ec:ce:10:12:be:8d:
37:ba:9d:e2:f2:98:ac:02:62:89:02:08:26:79:ae:
d7:65:3f:fe:6d:2b:fa:68:a0:f8:df:9a:64:a6:81:
dd:d2:ca:cd:bc:41:8f:af:6c:e5:8a:e9:bc:3b:ee:
11:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:4E:BA:E9:92:45:F8:A7:AB:95:58:64:85:2E:81:4B:06:0B:16:70
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f1f34170-6148-462d-b1cc-53dafdb7dca0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.205.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4c:59:1d:4c:19:a5:49:87:0f:43:17:8b:b5:9c:a9:7d:81:5d:
c7:4a:e3:ee:07:38:91:43:ea:fb:8f:54:62:a5:a6:19:d5:8b:
03:b9:6a:97:29:d6:3e:23:4f:f5:1a:de:d8:7f:8b:6b:e4:cc:
9f:90:92:ba:a9:65:83:21:4a:81:13:64:f9:ab:86:b2:73:56:
44:10:ec:6b:d4:62:74:b6:81:c9:58:b7:f4:50:cb:ac:be:74:
b0:03:3f:4b:d8:cb:f7:86:91:ae:d3:56:0b:5a:c0:fd:5a:82:
f2:d8:5b:d6:9c:5e:40:95:76:72:c9:d0:8f:6a:90:7e:78:0f:
16:32:63:5d:4f:76:9a:17:60:11:ea:24:dc:bc:24:ef:38:0b:
22:5f:1d:99:18:64:9c:93:bc:e7:00:79:4e:09:da:71:cb:48:
c2:70:9e:11:98:87:6b:34:1c:4f:b5:38:b3:f3:1e:89:1e:ec:
cf:e3:c9:df:56:18:1e:95:9a:7a:0d:df:b3:66:95:e6:a1:4d:
9c:40:0c:9a:19:7d:0b:5c:0a:e9:22:9e:5e:f8:3e:f9:ca:bf:
7a:da:e6:a6:96:7d:33:4e:0d:45:ae:b4:63:6c:cf:4c:b1:50:
0c:26:11:3d:7a:21:1b:3b:d4:c9:9a:44:9d:cc:ca:af:78:c5:
f4:0a:df:d1
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUVqtKAYN+aQHPJUsdBd9VqLFsBp8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTE1MDAwMDAwWhcNMjUwMjE5MjM1OTU5
WjB6MUkwRwYDVQQFE0A2NDZiOTI2ZTBmYjU3Y2JhY2UyZWEyMTY5MTk2NWQwNGFj
NTQ4MmUzZmQwYTA2NzhkOTgzZWFhZDJjN2E0OWY1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQClGpfcvH9IwLaF5XzyKMfKOXplnd5R104aT48CaUFexYQB
Q7Rgz0zvEqIAdcJEt1FTAS/5O6bEhc4JCAxwxejKbtU5d6qlmPpZqC98GNKzy9Ps
Mk6ojL/Khpcy0BkQBpqbLVWEV7jtf8zUh2MT+MhW9XkMkJFvkEPGur1spTKjf9SX
/NpSwe+zMXsgeGK4E6JpU73o4vQBnK4ziWLBZoGzTH8UOQKt0pjK4rbvUrSthQyd
2a70f8TwRHtnE8WOajUEFQxpZokaUCAjYOzOEBK+jTe6neLymKwCYokCCCZ5rtdl
P/5tK/pooPjfmmSmgd3Sys28QY+vbOWK6bw77hE7AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU8U666ZJF+KerlVhkhS6BSwYLFnAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2YxZjM0MTcwLTYxNDgtNDYyZC1iMWNjLTUzZGFmZGI3ZGNhMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwDHzTANBgkqhkiG9w0BAQsFAAOCAQEATFkdTBmlSYcPQxeLtZypfYFdx0rj
7gc4kUPq+49UYqWmGdWLA7lqlynWPiNP9Rre2H+La+TMn5CSuqllgyFKgRNk+auG
snNWRBDsa9RidLaByVi39FDLrL50sAM/S9jL94aRrtNWC1rA/VqC8thb1pxeQJV2
csnQj2qQfngPFjJjXU92mhdgEeok3Lwk7zgLIl8dmRhknJO85wB5TgnacctIwnCe
EZiHazQcT7U4s/MeiR7sz+PJ31YYHpWaeg3fs2aV5qFNnEAMmhl9C1wK6SKeXvg+
+cq/etrmppZ9M04NRa60Y2zPTLFQDCYRPXohGzvUyZpEnczKr3jF9Arf0Q==
-----END CERTIFICATE-----
Generated at Wed Apr 16 17:00:23 2025 by rpki-client